government – Inside BlackBerry for Business Bloghttp://bizblog.blackberry.com
Sat, 10 Dec 2016 02:57:40 +0000enhourly1http://wordpress.com/http://0.gravatar.com/blavatar/20ac8e1f171f33d226baa862f286c029?s=96&d=http%3A%2F%2Fs2.wp.com%2Fi%2Fbuttonw-com.pnggovernment – Inside BlackBerry for Business Bloghttp://bizblog.blackberry.com
The FCC, the EAS, and the Future of Crisis Communicationhttp://bizblog.blackberry.com/2016/08/the-fcc-the-eas-and-the-future-of-crisis-communication/
http://bizblog.blackberry.com/2016/08/the-fcc-the-eas-and-the-future-of-crisis-communication/#respondThu, 04 Aug 2016 12:00:40 +0000http://bizblog.blackberry.com/?p=19248/ Read More]]>We have all had it happen. Unexpectedly, the cell phone comes to life, issuing a tone unlike anything it normally makes. It is an Amber Alert, indicating a suspected child kidnapping, or it is a severe weather alert, indicating an imminent, potentially catastrophic storm.

These one-way emergency notifications are part of the United States Federal Communications Commission’s Wireless Emergency Alert system (WEA). Cellular providers deliver them for narrowly defined situations in which time is of the essence, at no charge to their customers.

In many ways, WEA communications seem like a relic from a different era. Content is text-based, 90 characters at most, with limited formatting. Geographical distribution is determined by the number and location of cellular towers designated to issue an alert. However, the system works. It is robust, reliable, and ubiquitous, even with its limitations

For that reason, the FCC has been exploring a successor to WEA. These proposed rules and opportunities for public comment are built around the following goals, as stated by the FCC:

Increase the maximum length of WEA messages (from 90 to 360 characters) in order to convey more information

Create a new class of WEA alerts (“Emergency Government Information”) as a means of sending action-oriented public safety advisories (such as “boil water” messages or information on shelter locations during weather emergencies) to communities

Require participating wireless providers to deliver the alerts to more granular geographic areas

Make it easier for state and local authorities to test WEA service and train personnel

This next-generation system, once it moves from proposal to deployment, creates a range of exciting possibilities for networked crisis communication solutions like AtHoc. Enhanced WEA should synchronize with applications like AtHoc, so that potentially hazardous conditions at a customer can trigger appropriate warnings to a broader community.

For example, an explosion at a chemical plant might cause a toxic cloud to be released. AtHoc can alert the appropriate parties within the plant, as well as external responders and organizations who have subscribed to that particular AtHoc deployment. A direct interface between AtHoc and enhanced WEA might mean that the entire area can be alerted, not just AtHoc users, with AtHoc passing critical information on the nature of the crisis to WEA administrators, who then issue the appropriate shelter or evacuation orders.

This process can be equally effective when operating in reverse. A dangerous weather alert issued via enhanced WEA might have very specific ramifications for an AtHoc customer. Responder organizations can use WEA as a trigger for their own AtHoc-based alerting and communications needs, organizing and mustering resources as needed. Or, an industrial facility can automatically issue alerts to secure and protect people and infrastructure, in advance of the adverse conditions.

The possibilities of building automated, data-driven connections between the specificity of AtHoc and the more general nature of an enhanced WEA are very exciting. Anything that helps accelerate the flow of accurate, authorized information during an emergency is to be applauded, especially if it provides a streamlined mechanism to reach at-risk people who have no other means to become aware of the severity of the situation.

We intend to participate actively in this conversation, helping to build a system that benefits as wide a range of organizations as possible. Possible areas where our experience can benefit this discussion include our ability to operate in multiple languages, as well as the interoperability that is critical for linking disparate technologies into a seamless whole, without overwhelming any of the systems necessary for the greater solution to operate.

]]>http://bizblog.blackberry.com/2016/08/the-fcc-the-eas-and-the-future-of-crisis-communication/feed/0Doctor and paramedic talking outside ambulancewebsternfBusiness man chatting on smartphone whilst looking out of windowAir pollution from industry park at nightThe Key to Cross-Organization Emergency Collaborationhttp://bizblog.blackberry.com/2016/05/the-key-to-cross-organization-emergency-collaboration/
http://bizblog.blackberry.com/2016/05/the-key-to-cross-organization-emergency-collaboration/#respondTue, 10 May 2016 17:42:12 +0000http://bizblog.blackberry.com/?p=18512/ Read More]]>Not long ago, I published an article in 9-1-1 Magazine talking about emergency trends to watch in 2016. Now that we’re more than a third of the way through the year, I want to revisit one of the items on that list, and speak directly to what we’re doing at AtHoc to turn these challenges into better products for our customers.

Here’s what I said about cross-organization collaboration:

A common thread in large-scale emergencies throughout the United States over the last decade has been the difficulty of communication between organizations, from first responders to local businesses to government agencies. Cross-agency collaboration has received significant attention on the federal level, even resulting in legislation mandating interoperable communications at the national level. As a result, federal agencies are building and implementing systems and platforms that enable this greater level of interoperable communication during an emergency.

In 2016, more private organizations will take these governmental lessons into consideration, and we will see a greater number of organizations deploy systems that enable them to simplify communication with relevant community and public safety organizations during a crisis. This will require targeting of emergency information only to the right authorities and applicable organizations. It will not be implemented as a public feed, but rather as a network of applicable connections within the emergency community. An important part of this collaboration will be the ability to share more than text. As mobile alerting becomes the norm, we expect more companies will adopt the ability to share videos, photos, geolocation information, and more to provide complete context and aid in decision making by the appropriate authorities. More information will result in better decisions and faster resolution of the crisis situation, especially as it interfaces with public safety response and coordination.

AtHoc Connect is a unique approach to enable organizations and agencies to communicate before, during and after a crisis situation. We have shared the results of a very impressive pilot led by the Pentagon Force Protection Agency (PFPA) where representatives from all major services – Army, Navy, Marines and Air Force, as well as from the Department of Homeland Security (DHS) – participated to prepare efficient communication procedures.

As a result of this successful pilot, we have received multiple requests from non-federal organizations in the Washington, D.C., area to connect with these important agencies. To enable this important communication that will help manage a crisis situation effectively, we have connected these organizations to the AtHoc Connect network. By being connected to the AtHoc Connect network, these organizations will receive critical information from the authorized agencies at real time. This is an example of the trend for interoperable communication within and across federal agencies during crisis situations.

An interesting evolution of this trend is the expansion of this trend to other countries as well. In the context of the recent events in Europe, it’s clear more than ever that managing and controlling these mega emergencies require a well interoperable crisis communication system. One of the key lessons learned following the active shooter incident at Los Angeles International Airport in 2013 was:

“On the day of the LAX shooting, more than 20 different agencies responded to the airport in various capacities with very little in the way of interoperable communication”

The recent events in Europe happened in crowded locations and were handled by numerous support and rescue agencies as well. These agencies and the commercial organizations surrounding these locations require efficient and effective interoperable communication to save lives and minimize the impact on the public.

Very few organizations have the technology and the experience to break down these structural and functional barriers, especially when interoperability extends to private companies, or regional, state, or local governments. That’s why we built AtHoc to address these concerns directly, and have developed the experience to make it work for organizations of all types and sizes.

We believe that AtHoc and the AtHoc Connect network is best suitable to solve these needs and we are actively working on improving our offering even further in the context of these tragic events.

Emergency preparedness inevitably means crisis communications that helps your organization “play nicely” with every other organization in your immediate area that might be affected. Let us show you how AtHoc makes interoperability work, as seamlessly and cost-effectively as possible.

]]>http://bizblog.blackberry.com/2016/05/the-key-to-cross-organization-emergency-collaboration/feed/0cross_organization_collaboration-_tnodedlivecomcross_organization_collaborationNo Warning: 5 Reasons Weathering a Crisis Without a Secure Communications Network Is Its Own Disasterhttp://bizblog.blackberry.com/2016/04/no-warning-5-reasons-weathering-a-crisis-without-a-secure-communications-network-is-its-own-disaster/
http://bizblog.blackberry.com/2016/04/no-warning-5-reasons-weathering-a-crisis-without-a-secure-communications-network-is-its-own-disaster/#respondTue, 05 Apr 2016 12:00:20 +0000http://bizblog.blackberry.com/?p=18162/ Read More]]>In the midst of an emergency, communication makes all the difference in the world. Civilians need to be alerted so they can be brought to safety, and emergency responders need to know the scope and scale of a disaster to effectively mitigate it so they can be kept safe. A crisis communications system that allows information and alerts to be shared instantaneously is essential.

But what happens when those involved in a disaster have no such system in place? What happens when, unlike Macquarie University in Australia or San Diego’s Naval Medical Center, an organization can’t provide those involved in a crisis with the information they need? These questions were discussed at length in a recent AtHoc event in Australia, attended by several leaders in government, crisis communications and security.

“Pandemonium is one of the expressions that best describes such an emergency,” says Brisbane-based crisis management specialist Peter Rekers, CEO of Crisis Ready. “I wasn’t in the operations center on the day of the Lockyer floods, but this kind of natural disaster was unprecedented in the area. My gut feeling is that the teams did the best they could with limited information, in very difficult terrain. As in any emergency situation, there would have been a whole lot of people who knew their jobs, knew what they were trying to find out, and had to build a picture on their own, without clear information from the field.”

According to Rekers, the time between when a crisis occurs and when emergency responders have the necessary information to act can often be upwards of two hours. During that timeframe, in the absence of effective internal communication, third-party sources sometimes have more information about the event than emergency teams.

2. Relying On Third Parties Guarantees a Delayed Response

When news media is your best source of real-time information, that’s a problem. It’s inefficient, and verification of news reports introduces a delay that emergency responders cannot afford. To best ensure everyone’s kept safe in a crisis, an organization must already be in the process of responding by the time the media starts talking about it.

“During the Queensland floods, the government’s emergency alert system activated after the flooding occurred in the Lockyer Valley,” continues Rekers. “If there’d been the ability for people to report directly what was happening, they could have potentially sent out alerts in time to evacuate.”

3. The Information You Do Have Will Probably Be Inaccurate

Rekers recalls an incident in 2006, when the town of Innisfail, Australia was struck by Cyclone Larry. Throughout Queensland, the storm resulted in roughly A$1.5 billion ($1.1 billion USD) in damage. At the time, this made Larry the costliest tropical cyclone to ever impact Australia.

During the storm, Rekers and his team received a call from the town’s mayor. They were only able to make out one word before the call dropped: devastation.

“Imagine that moment,” says Rekers. “That was all we had for guidance. We literally started to organize a truck with body bags, because that’s what we thought we were going to need up there. It took two hours before we got decent enough connectivity that we were able to get a clear picture of what was happening there.”

Now imagine that instead of one phone call, you’re looking at twenty or more Facebook posts, tweets, and blog posts. Each piece of content provides only a partial picture of a crisis, and each of could be leaving some details out, or exaggerating others. People aren’t going to stop to verify their tweets during a flood, nor are they going to make sure their Facebook posts are 100% accurate during an earthquake or terrorist attack.

In a large-scale emergency, there are often multiple guards, police, firefighters, and paramedics, each part of a different organization. If one team flying blind is ‘pandemonium’, several teams – all operating on slightly different information – is worse. There is no way one can expect a coordinated response in such a situation.

“During the 2014 Sydney hostage crisis, there were all sorts of different emergency teams and agencies involved – the Australian Federal Police, the New South Wales Police, and paramedics,” explains AtHoc Director of Alliances and Channel Sales Adrian Szwarcburg. “In a scenario like this, personnel are often using different systems – which can result in a great deal of confusion as things unfold. I can’t comment on what they have in place, but in this kind of environment, it is obviously ideal to be able to connect all those systems and frequencies in a seamless way to enable different agencies to contact each other.”

5. Post-Crisis Liability Is a Disaster After the Fact

Particularly in industries such as healthcare and government, it’s imperative that records are kept of communication during a crisis, including details on whether or not messages have been received.

Without those details, agencies or individuals could be held accountable if someone does not respond adequately to a crisis after being notified. Even if they ignored your message, there would be no record of your efforts to reach them.

Depending on country or region, this could mean anything from lawsuits to regulatory penalties.

“If in a crisis you try to notify a key person through four or five different devices, you need to be able to tell if they’ve received the message,” says Szwarcburg (pictured right). “Let’s say you contact them through a phone call, and it goes to their voice mail or they pick up and hang up without responding. You need an audit trail, so you can say with certainty that you’ve reached out.”

The AtHoc Solution

AtHoc provides one of the most complete, interoperable crisis communications tools available globally today. Its two-way reporting and auditing ensure that lines of communication are never interrupted during a crisis, while AtHoc Connect allows the platform to serve as a platform-neutral bridge between different organizations. By making use of AtHoc, your organization retains total control over the messages it sends out during an emergency situation, ensuring a quicker, more effective response across the board.

Perhaps one of the best examples of AtHoc’s capability is how it was deployed by the Canadian Government. After a shooting at the Canadian House of Parliament back in October 2014, the government re-evaluated its security. Eventually, it rolled out AtHoc, which leveraged existing networked PCs, email, mobile phones and in the near future – building alarms, CCTV and other devices into a unified system to alert and account for the people working at the Parliament in times of crisis.

AtHoc’s Szwarcburg says, “During the incident, responders couldn’t effectively communicate, either internally or with one another. It took them almost 90 minutes to work out whether or not everyone was safe. Since then, they’ve deployed AtHoc, and brought their response time down to 90 seconds. The results speak for themselves.”

In an emergency, every second counts. Without a crisis communications tool, your organization is left fumbling in the dark during an emergency, wasting valuable time. Thanks to its two-way reporting, targeted messaging, and interoperability, AtHoc ensures that when disaster strikes, you’re ready to strike back. Learn more about what it can do for your business here.

]]>http://bizblog.blackberry.com/2016/04/no-warning-5-reasons-weathering-a-crisis-without-a-secure-communications-network-is-its-own-disaster/feed/0Weathering A Crisis Feature ImagegeorgielizhartEmergency Responder CommunicationsSpeeding Ambulancehurricane picNew York City Crane CollapseAdrian SzwarcburgAtHoc IdentityPreparing Your Community for Crisis Communicationshttp://bizblog.blackberry.com/2016/03/preparing-your-community-for-crisis-communications/
http://bizblog.blackberry.com/2016/03/preparing-your-community-for-crisis-communications/#respondTue, 15 Mar 2016 16:00:03 +0000http://bizblog.blackberry.com/?p=18018/ Read More]]>It’s impossible to know exactly when – or where – the next crisis will strike. But with the technology available in today’s connected world, there is more possibility than ever before for communities to be ready and prepared to handle a crisis event.

More local governments – such as Contra Costa County in California – are setting up mass notification systems that keep thousands of residents safe and informed in the event of an emergency. And new communications technology is bridging the gap between disparate local agencies – from port authorities to fire departments – so they can interact rapidly under unified communications channels to ensure a coordinated response.

One example of the innovation underway to prepare a community for crisis is around Puget Sound in Washington. With approximately 4.3 million residents across 90 cities, the region surrounding Puget Sound has stakeholders from public safety, private sector and maritime independently working on elements of public safety in a crisis.

The Seattle Police Department decided the maritime community performs better when groups are working together, so it spearheaded a central crisis response network. After a tremendous amount of time, gathering requirements, reviewing software and obtaining grants from users and stakeholders, WA-COP was created. A command and control platform for public safety organizations in and around Puget Sound, WA-COP provides public and private access to the same information to help make rapid security decisions.

The overall vision of this program is to implement a shared information environment for first-responders and private entities that have a stake in the maritime transportation system. Users can create customized personal dashboards, share status information or track the progress of any given incident. This is especially important for those trying to spread pertinent information regarding an incident which may affect other Puget Sound partners. WA-COP is made possible in part through BlackBerry’s AtHoc Connect, as well as AtHoc’s mass notification solution, which is used to alert and communicate with anyone in the region during emergencies or daily operations.

It takes a dedicated effort to prepare for crisis communications, but the end result is worth it. By having the ability to share critical information across security agencies, any community can nimbly respond to a crisis. That keeps our community running and can save lives.

In the aftermath of crisis and tragedy, it is natural to ask what could have been done better to protect employees. And it’s a question that deserves to attention at the highest levels of management. But a more important question asks what we can do now to prevent or lessen the damage inflicted during the next crisis event?

With active shooter tragedies from San Bernardino to Paris in recent memory, as well as natural and cyber disasters across the globe, many business leaders realize that comprehensive emergency planning is becoming more than a stand-by operation but a pressing 2016 strategic priority.

At BlackBerry’s AtHoc, our mission is to make the world safer for organizations and their people. As the leader in networked crisis communication, AtHoc is used worldwide for every type of emergency. We help safeguard millions of people and thousands of organizations – including the vast majority of U.S. civilian and military federal government personnel, global corporations, industrial giants, healthcare institutions and universities.

So we asked ourselves, “How can we do more to equip people with the information they need in times of crisis?”

Helping the C-Suite Plan for Emergency

Over the coming weeks, we will publish an ongoing content series designed to address Emergency Preparedness & Planning. Our intention is to help organizations looking for proactive ways to improve their employee safety capabilities in times of crisis. Using industry best practices gained from our unparalleled experience, our experts will be providing insightful and practical guidelines for planning, training and exercising emergency situations across the spectrum of man-made and natural disasters. This information will be useful for any executive for whom employee safety is a responsibility and concern. No environment is zero-risk, and we all share the desire to take proactive measures when it comes to the safety of our employees.

As leaders of organizations, business continuity is our responsibility and we need to be prepared to address business disruptions of all types, from supply chain management issues to cybersecurity breaches. There is no greater responsibility we have though than the safety of our people. An employee-focused business continuity plan means not only having the right plans in place to ensure employee safety for unforeseen events, but also having the ability to immediately communicate with employees to ensure that those plans are being executed. Our employees deserve every single resource we have to offer in times of emergency – it’s our duty.

To learn more about how AtHoc can help your business more effectively manage a crisis, tune in to our webinar, “Introduction to AtHoc: The Secure Messaging Division of BlackBerry” on February 2, 2016 at 10 AM EST. You can register here.

]]>http://bizblog.blackberry.com/2016/01/the-c-suite-guide-to-emergency-management/feed/0disasterplanlincogroup1policelinedisasterplanAtHoc Captures $20MM, Multi-Year Contract With U.S. Veterans Administrationhttp://bizblog.blackberry.com/2016/01/athoc-captures-20mm-multi-year-contract-with-u-s-veterans-administration/
http://bizblog.blackberry.com/2016/01/athoc-captures-20mm-multi-year-contract-with-u-s-veterans-administration/#respondMon, 18 Jan 2016 16:23:03 +0000http://bizblog.blackberry.com/?p=17475/ Read More]]>The U.S. Department of Veterans Affairs (VA) must function both as a critical government agency as well as one of the nation’s largest healthcare organizations. Thus, the VA has to be constantly ready to respond to a any crisis while maintaining a high level of service during the event. Clear communication is one of the biggest requirements to effectively manage a crisis situation, and it can also be one of the weakest links.

To ensure they can communicate effectively, the VA has signed a $20 million, multi-year contract to continue and expand its use of AtHoc, a BlackBerry subsidiary and the pioneer and recognized leader in networked crisis communication. AtHoc reseller Four Points Technology will implement the contract, and enable VA to communicate with, account for and protect its 600,000 VA personnel, as well as contractors and visitors during crises. The system includes alerting across telephones, text, pagers, fax, desktops, smartphones, as well as integration with other VA systems such as digital media systems.

VA has been actively using the AtHoc system for the past four years, including during National Level Exercises, day-to-day operational VA events as well as significant real-world events such as Hurricane Sandy in 2012 and the Washington D.C. Navy Yard shooting in 2013. In each of these events, the AtHoc solution enabled VA to communicate with employees and deliver up-to-the minute information about VA operational status.

The AtHoc networked crisis communications platform will support the VA Notification System (VANS) and VA Personnel Accountability System (VA-PAS). VA-PAS is used by VA for all types of crisis event management as well as day-to-day operations. VA uses it to streamline operational response activities and protect VA staff and contractors with a secure, state-of-the-art system designed to provide real-time status of all users and provide immediate reports on the status of all employees. The system captures all responses and automates the processes for real-time corrective action for those in need, as well as monitoring status of those able to work during a crisis.

The nation’s military veterans are counting on the VA – and the thousands of people who work for the agency – to help and protect them and their health, so the VA must be able to immediately communicate with its personnel or the people at risk in the event of a crisis.

Recognizing the significance of the $20 million contract award, John Chen, Executive Chairman and Chief Executive Officer, BlackBerry, said, “We are proud to continue to provide this critical life safety system to the VA, and look forward to continuing our work together to build an innovative and secure enterprise crisis communication network.”

During a time of an emergency in an airport environment, it can be difficult to effectively communicate without the proper infrastructure in place. Aging communications systems, legacy technologies and incompatible systems are challenges for many airports, and the difficulty lies in economically transitioning the functionality of standalone systems into a single unified experience for all constituencies. With modern technologies that support interoperable communication, airport operators can more effectively inform their tenants, surrounding networks and broader community to coordinate a timely response during the time of a crisis.

The term “interoperable communications” is the ability for the different communications systems that organizations utilize to exchange critical information during an emergency. Interoperability has the potential to save lives and provides safety within the physical, cyber and public state. To ensure public safety on airport properties across the globe, airport emergency operators should consider some best practices, as outlined below by AtHoc, a division of BlackBerry, to improve operational efficiency and interoperable communications.

Improve collaboration between public and private agencies
One of the biggest challenges airports face is the ability to effectively communicate and collaborate throughout all the divisions. Oftentimes public and private entities from retail vendors to federal government authorities have isolated means of communication. Each airline, cargo company, maintenance business and vendor has their own organizational process, procedure and culture. In an emergency situation, these individual communication systems and relationships can put the alerting process under tremendous strain. In order to provide seamless communication, it’s essential that the entire community operate as an interconnected network. With the right communications systems in place, operators can alert thousands of staff at once, and collaborate with the appropriate personnel to handle the front end of an emergency. There are technology solutions available today that offer solutions to this challenge. See below for more information.

Provide emergency response training to all airport employees, not just security personnel
There’s an increasing need for basic emergency response training and understanding of how the airport’s emergency response program operates across the board. These various response training sessions should include all airport employees, including vendors and groups that have partnerships with the airport. Phoenix Sky Harbor Airport, for example, is looking to implement a computer-based training module which will provide all airport and contract employees a coordinated plan of what to do and when do it during an emergency.

Manage control and permissions with secure failover systems
To improve coordination between departments, airports must address how to share information internally. Control and permissions should be adjusted across the organization with access granted to appropriate individuals to ensure that the public sees necessary information at the time that they need to see it. As this happens, it is essential that security is ingrained into the system. By statute and as a business practice, personally identifiable information, confidential operational information and other critical data need to be protected and stored in secure failover systems, especially when essential details must be revealed on very short notice and to specifically targeted populations.

How to optimize human and technological communication methods to address emergency communications challenges

Discussion of the issue of interoperability as it relates to the full spectrum of communication modes (radio, telephone, eMail, SMS, digital displays)

Directly from practitioners at Dallas Ft. Worth International Airport and Phoenix Sky Harbor Airport who deal with the complexities of airport collaboration during routine operations and during crises:

]]>http://bizblog.blackberry.com/2016/01/secure-crisis-communications-in-airports-best-practices-to-create-interoperable-networks/feed/0Electronic datalincogroup1Elegant businessman using touchpad in airportSecurity Visible At Nations Airports Prior To 4th Of July CelebrationsWhy Hackers Want You to Keep Your Voice Communications Unprotectedhttp://bizblog.blackberry.com/2015/12/why-hackers-want-you-to-keep-your-voice-communications-unprotected/
http://bizblog.blackberry.com/2015/12/why-hackers-want-you-to-keep-your-voice-communications-unprotected/#respondMon, 21 Dec 2015 16:56:13 +0000http://bizblog.blackberry.com/?p=17358/ Read More]]>For most business users, making a phone call is as routine as having a morning cup of coffee. For IT and security professionals, any phone or voice communication made on a mobile device poses a significant security and business threat.

Another misconception is that smartphone and mobile device hacking is something that only happens in big-budget spy thrillers featuring high-tech stunts and a computer lab filled with evil foes.

Data theft goes from the big screen to the touchscreen

A 2014 Ponemon Institute survey of 618 IT and IT security practitioners revealed that 63% of respondents believed that data breaches involving mobile devices had occurred within their organizations.

According to a 2014 BlackBerry study of 800 IT and security professionals from around the world, nearly two-thirds of respondents reported that the number of data breaches resulting from mobile devices had increased in the previous year.

A majority, 66% of the professionals in the BlackBerry study, also said that it is difficult for their organizations to keep up with emerging mobile trends and security threats.

Let’s talk consequences…

A phone call on a mobile device may feel like a private exchange between two people, but for determined criminals it’s an opportunity for intercepting the information they are discussing. And with more and more conversations taking place away from the office, the types of information inadvertently exposed can be very sensitive.

Financial — Earnings results, forecasts and budgets

Mergers and acquisition — Partners, targets and purchase negotiations

Research and development — Roadmaps, intellectual property and architecture

Losing data is more than just a drama

In its report The Cost of Insecure Mobile Devices in the Workplace, the Ponemon Institute states the consequences of hacking go far beyond the physical loss of data. Depending on the nature of the information and the organization itself, the risks can include the following:

A damaged reputation

Business disruptions

Loss of business/customers/clients

Regulatory actions/lawsuits

Financial, time and other costs of recovery

The new SecuSUITE for Enterprise provides secure calling and text messaging on mobile devices, across multiple operating systems, including iOS, Android and BlackBerry 10.

You will also lose way more than street cred

According to the 2015 Cost of Data Breach Study, the average consolidated total cost of a data breach was $3.8 million USD, representing a 23% increase since 2013. The cost incurred for each lost or stolen record containing sensitive and confidential information also increased six percent from a consolidated average of $145 to $154 USD.

It’s a boom time for hackers and they’re ready for their close-ups

If it were up to the hackers, they wouldn’t have you change a thing. Your status quo is their time in the spotlight. Don’t let the bad guys win. Treat your mobile security policies and solutions with the respect they deserve and look into intuitive solutions, like SecuSUITE for Enterprise, that work across multiple platforms and carriers, providing end-to-end encryption and peace of mind for mobile voice communication. Read this blog to get an overview of SecuSUITE for Enterprise, which officially became available today, or check out the brochure or data sheet on our SlideShare channel.

]]>http://bizblog.blackberry.com/2015/12/why-hackers-want-you-to-keep-your-voice-communications-unprotected/feed/03d Smartphone with safe door. Mobile security concept.lukereim1Mobile security threatsSecuSUITE-ladySecuSuiteObama’s E-Mail: Lessons Learnedhttp://bizblog.blackberry.com/2015/04/obamas-e-mail-lessons-learned/
http://bizblog.blackberry.com/2015/04/obamas-e-mail-lessons-learned/#commentsTue, 28 Apr 2015 16:49:09 +0000http://bizblog.blackberry.com/?p=16146]]>Big news this past week that U.S. President Barack Obama’s sensitive (but unclassified) e-mails were accessed by Russian hackers. It is surprising this news is surprising. The U.S. government’s unclassified network suffers from the same problems that have led to and will continue to promote other high profile attacks, including Sony, Home Depot, etc. Despite immense expenditure on IT security, these organizations are at the mercy of well-funded, sophisticated attackers, because computing infrastructures are fundamentally flawed, due to the following “Trifecta of Death”:

widespread use of general-purpose computers

computers connected to the Internet

large number of humans accessing those computers

Most enterprise computing platforms, from Windows PCs to Linux/Apache web servers, were never designed to protect against sophisticated attackers. The operating systems have poor privilege models, enabling vulnerabilities in massive middleware packages (like Flash and Java) to be exploited for total security bypass.

Any organization with a large number of users (the U.S. State Department has 34,000 employees) is an easy spearfishing target, no matter how much IT trains users.

And because users and computers in large enterprise networks require Internet access, one spearphish is easily converted into complete control via Internet-borne malware. The commandeered system can then be used to leisurely explore and infect the rest of the network, aiming for more juicy targets – like archived e-mail.

How can enterprises address this problem? The enterprise must first understand its high value resources – where disclosure or loss of function would have catastrophic consequences. For a tech company, this might be some source code, designs, or strategic plans. For a pharmaceutical or beverage company it might be product formulas and research. For a money management firm, it might be the PII and financials of its wealthiest clients. For a hospital, it might be the network managing robotic surgeons. Enterprises must not expose these digital crown jewels to the Trifecta.

Avoiding the Trifecta means employing strict network segregation, where the crown jewels are colocated in partitioned computing resources, accessed only by operating environments that are not (ever) connected to the Internet. This may seem heavy-handed, and many scoffed at former US Cybercom chief Keith B. Alexander’s call for an isolated network for critical infrastructure, but he was spot on. The trick is to ensure segregation does not stifle productivity. Obama accesses information from a plethora of operating environments (BlackBerry devices, tablets, laptops, desktops), each never permitted to cross classification boundaries.

But few people in the corporate world would tolerate having to manage such a large set of computers. Solutions like BlackBerry Balance on mobile devices and virtual machines on laptops and desktops can be used as multi-network access solutions. Entry into the ultra-sensitive network from PCs should be guarded by VPN and dual-factor authentication – but allow users the convenience of using their mobile device as the secondary authenticator.

Finally, limit access to the ultra-sensitive network to the smallest possible group with need-to-know and encrypt data (e-mail, files). If the network grows too large, consider further segregation. In the Obama e-mail exposure, it was reported that his BlackBerry device and communications were never accessed. In addition to the obvious security advantages of a BlackBerry device, Obama’s BlackBerry contacts are purportedly limited to only 10 to 20 people.

In order to protect high value resources against sophisticated attack threats, follow these least privilege, defense-in-depth guidelines, anchored by strong network isolation made user-friendly by trustworthy multi-platform access solutions. And for those networks with many users and connections to the Internet: expect their data to be disclosed, just like Obama’s unclassified e-mail. All the expensive firewalls and UTMs in the world won’t prevent that. Don’t be the next front-page story!

]]>http://bizblog.blackberry.com/2015/04/obamas-e-mail-lessons-learned/feed/11391166448-22-david-kleidermacheriotdavekHillary Clinton’s E-mail: Lessons Learnedhttp://bizblog.blackberry.com/2015/03/hillary-clinton-email-lessons-learned/
http://bizblog.blackberry.com/2015/03/hillary-clinton-email-lessons-learned/#commentsMon, 16 Mar 2015 16:39:01 +0000http://bizblog.blackberry.com/?p=15844/ Read More]]>Hillary Clinton’s alleged use of a personal e-mail account for sensitive government communication has received lots of media attention. Clinton’s stated reason for using the private account was an unwillingness to carry two devices: one for personal use and one for work. TV pundits speculate on her motives and how mobile technology may have been used or abused. But if we move past the politics, what should we really take away from this situation?

First, security depends on humans, as well as technology, doing the right thing. POTUS could tweet top secret information but chooses not to. We must always think how to minimize privilege, including access to sensitive information. Secondly, technologists must make security easy to use — otherwise users will intentionally or inadvertently circumvent controls in order to get their jobs done.

Another aspect important to understand is the impact of government regulation on mobility for people like Clinton: current U.S. policy does not permit concurrent access to general Internet services and a classified network on a single commercial smartphone. This is known as a “cross-domain solution” (CDS), and so far cross-domain access is limited only to specialized PCs and thin clients operating in physically-secure locations.

Of course, CDS policy does not apply to enterprises or the vast majority of government users. For more than a decade, BlackBerry has offered the ability to manage multiple e-mail accounts on a single device, and BlackBerry’s Secure Work Space products go much further, enabling users to access their full suites of private/personal and work applications and data, securely isolated on any device – BlackBerry, iOS, or Android.

BlackBerry works hard to make jumping between work and personal content a great user experience, and we apply the same security-by-simplicity mantra to IT – ensuring our BES enterprise mobility management platform is easy to deploy and administer. Of course, there are tens of thousands of man-years of BlackBerry security investment and know-how under the hood, ensuring privacy for the personal domain and security for the work domain. But mobile security technology must always treat productivity as a first-class requirement.

Overshadowed by last week’s news about the data breach at health insurer Anthem Inc. was the Obama administration’s release of its 2016 budget proposal, which earmarked $14 billion for cybersecurity and other key security areas related to “maintaining technological superiority.”

Read our new Chief Security Officer David Kleidermacher’s blog to learn more about Anthem, or read on to learn more about Obama’s proposal. But together these news beg the question: How is your enterprise ensuring it is protected against Anthem-type breaches?

Clear and Present Danger

As Obama’s budget states: “Cyber threats targeting the private sector, critical infrastructure, and the Federal Government demonstrate that no sector, network, or system is immune to infiltration [and] addressing these threats requires a comprehensive approach.”

BlackBerry CEO John Chen spoke to this recently in an op-ed written for The Hill. He wrote that with cyberattacks on the rise, “no organization or government entity can assume that their employees’ personal and business data are protected.”

“From Target to JPMorgan to Healthcare.gov, breaches are happening all around us,” Chen wrote, and “they are escalating in both prevalence and sophistication, and experts agree that there is no end in sight.”

The budget targets the need to “respond to cyber threats and incidents once they have occurred . . . and maintain efforts to increase the Nation’s cyber workforce” with the protection of the government’s information and information systems “critical to protecting national infrastructure.”

Importantly, the budget “funds key investments to enhance the Federal Government’s cybersecurity posture . . . These resources will allow the Government to more rapidly protect American citizens, systems, and information from cyber threats.”

As ComputerWorldpointed out in a related article by Patrick Thibodeau, the US government aims to increase its cybersecurity spending by 10%, with the money allocated to improve technology and fund investigations.

“The increase in security spending is helping to bring overall IT spending in the proposed 2016 budget to $86 billion, an increase of about 2%,” Thibodeau wrote.

Which way is your organization’s cybersecurity investment headed – up or down?

Leading the Industry

Mobile devices are a potential entry point for hackers and their malware. If you’re considering solutions to plug your mobile security gaps, our cross-platform solution is well-positioned to help deliver those security gains and satisfy the needs of both enterprises and government agencies. BES12 supports iOS, Android and Windows Phone devices and provides the confidentiality, integrity and authenticity to help protect your organization from data loss and theft.

Furthermore, as the leading EMM provider, BlackBerry counts all G7 governments and 16 of the G20 governments among its customers.

For even more proven security, consider devices running the BlackBerry 10 platform, which is the first to obtain a coveted approval from the U.S. Defence Information Systems Agency (DISA) for Full Operational Capability on U.S. Department of Defense networks.

Nextgov also pointed to BBM Enterprise’s (formerly known as BBM Protected) secure messaging as a feature primed for government use, which was echoed by another piece by Tech Times’s Robin Parrish, who wrote, “BBM Enterprise offers high-level security by utilizing the FIPS 140-2 validated cryptographic library, the same security standard used by the U.S. government to accredit cryptographic modules . . . BBM Enterprise should hold strong appeal for government workers, law firms, and other environments where secrecy is essential. It’s no coincidence that those agencies and businesses are BlackBerry’s most faithful customers.”

Meanwhile, FedScoop recently evaluated the BlackBerry Passport and declared: “BlackBerry Passport’s security, functionality features could appeal to feds . . . [F]or government usage, this might be the right balance of security and functionality. It’s conceivable that quite a few agencies could standardize on the Passport and the secure BlackBerry 10.3 operating system, helping employees reap the productivity rewards that a mobile workforce can offer — but without the vulnerabilities that doing so normally entails.

A Committed Partner

“As a committed partner to the U.S. government, BlackBerry looks forward to meeting the future needs of government mobility and security,” Chen wrote in The Hill. “It is imperative that the federal government formalize policies to encourage smarter, more secure mobility before it is too late. While there are many unresolved challenges that lie ahead, government users can immediately protect themselves by choosing solutions with secure endpoints, and we are here to help.”

Still, Chen had a word of warning, in light of the changing landscape and magnitude of cyberattacks.

“Unless technology decision makers within the U.S. government implement stricter security standards and take proactive and strategic steps to protect sensitive information, we are facing a potential security crisis. These leaders must ensure that all mobile solutions and devices are certified and meet stringent security standards before they are permitted to access the government’s networks.”

If the U.S. Government holds true to the objectives laid out in the 2016 Budget Proposal, the United States will chart a course of credible, actionable security capable of fending off impending threats in a brave new world.

]]>http://bizblog.blackberry.com/2015/02/u-s-gov-cybersecurity-budget/feed/0513647471wordsmithtechguy513647471Gearing Up for Gartner Symposium/ITxpohttp://bizblog.blackberry.com/2014/10/gearing-up-for-gartner-symposiumitxpo/
http://bizblog.blackberry.com/2014/10/gearing-up-for-gartner-symposiumitxpo/#respondFri, 03 Oct 2014 19:27:33 +0000http://bizblog.blackberry.com/?p=14486/ Read More]]>Once again, BlackBerry will be attending the annual Gartner Symposium/ITxpo in Orlando, Florida October 5-9. With a robust agenda of the hottest topics in IT and business, industry defining mastermind keynotes, hundreds of solution providers and the opportunity to network with more than 6,000 peers, Gartner Symposium/ITxpo is the world’s largest gathering of CIOs and senior IT executives.

On Sunday, October 5 at 4:45pm BlackBerry’s Michael K. Brown will be presenting “BlackBerry: Expanding Government Mobility in the Face of Rising Cybersecurity Threats.” During the 30 minute discussion, Brown will discuss how technology decision makers within the government can enact policies to help all employees have a better understanding of the best practices for mobile security. Such policies include: educating employees about potential threats, selecting trusted technology, and separating work and personal data.

If you’re attending Gartner Symposium, come and visit the BlackBerry booth (#945) on the ITxpo show floor. We’ll have giveaways and additional information on how companies migrating away from BlackBerry continue to be just a myth. We will also be demoing BlackBerry Enterprise Service 10 (BES10) at the booth and provide a hand-on opportunity for attendees to experience the BlackBerry Passport.

]]>http://bizblog.blackberry.com/2014/10/gearing-up-for-gartner-symposiumitxpo/feed/0Gartner IT Expo1alrehman81Gartner IT Expo5 Reasons Why Competitors Fail to Imitate BlackBerry’s Government-Grade Securityhttp://bizblog.blackberry.com/2014/08/government-grade-security/
http://bizblog.blackberry.com/2014/08/government-grade-security/#respondFri, 22 Aug 2014 10:57:15 +0000http://bizblog.blackberry.com/?p=14119/ Read More]]>Earlier this month, 25-year-old Rory McIlroy won the US PGA Championship, his third consecutive tour victory and second major championship in less than a month.

McIlroy’s most astounding accomplishment in taming the most demanding courses in the world is making it look easy. But what’s also well-known among golfers is that the effortlessness displayed by McIlroy is a product of intense discipline and – almost literally – a lifetime of honing his skills.

As a head of BlackBerry’s global security advisory team, I have observed first-hand how multiple national governments have discovered the hard way that mobile security is far from easy and that BlackBerry’s end-to-end solution, which strikes the optimal balance of risk mitigation and end user productivity, is not easily imitated.

The Real Deal

Outside of the BlackBerry customer base, there have been a number of well-funded attempts to deliver BlackBerry-like mobile security. They were largely technology-driven approaches that combined containerization techniques, customizations and modifications of mobile operating systems, and a familiar handheld that was supposed to appeal to the end user.

The results, in some instances, have been spectacular failures. While some of these projects made it into the hands of end users, none delivered the value that was promised and, not surprisingly, all shared a similar destiny: gathering dust in users’ desk drawers. No wonder we don’t hear much about them after their initial pompous announcements and launches.

Those projects crumbled under the pressure to meet competing requirements of three different types of stakeholders:

National security authorities, who evaluate a solution’s end-to-end security and compliance;

IT management, which needs a cost-effective and productive enterprise solution that scales well;

End users, who need an easy-to-use, fun, high-performing handheld for both work and play.

Here are the top five reasons why attempts at imitating BlackBerry’s productivity-enabling approach to security have been unsuccessful:

Critical capabilities important to end users and IT managers got sacrificed as collateral damage in the process of meeting security requirements. Technology-driven approaches, including hypervisors and thin clients, failed because though they addressed most obvious security issues, in reality they delivered miserable user experiences that road-blocked productivity and were rejected by employees.

Productivity, enterprise integration, and application strategy ended up deprioritized and an afterthought, leaving stakeholder IT teams to unsuccessfully cobble together the required work productivity tools and apps that should have come out of the box.

Solution complexity was severely underestimated, resulting in ever-slipping project schedules, spiraling costs, and the loss of IT flexibility that is required for successful business process mobilization.

In spite of their focus on security, these solutions ultimately failed to ensure that security and quality metrics were consistently met, because they were developed by vendors that lacked any mature Secure Software Product Life Cycle (SDLC). So much about security still remains with what you don’t see – how the secure product is actually designed, developed, tested and certified, and supported with mature and capable security response processes. The security solution that is full of defects and deficiencies will sooner or later transform your risk to financial loss.

The product architecture that was too hardware-dependent resulted in user devices that were already a generation out of date upon project completion. These solutions lacked a sustainable forward upgrade path, enabling customers to consistently refresh their device fleets with the latest models.

Security as Productivity Enabler

I’ve helped many organizations that have chased this BlackBerry-like approach to mobile security to eventually become BlackBerry customers. Those who tried piecemeal after-market solutions that mimic BlackBerry can easily recognize the product excellence that comes when core competencies are in their DNA.

In addition to the squandering of financial resources, these technological detours also impose productivity penalties. Enterprises that lack a rock-solid security foundation remain barred from realizing the business-transforming benefits of workforce and business process mobilization.

At the end of the day, enterprise mobility is all about helping organizations reach new productivity heights. Security’s essential purpose is to provide a foundation for business transformation by removing any risk roadblocks to new mobility projects. And like all foundations, security must be architected together with the rest of the structure it needs to support, but implemented timely and rigorously.

Similarly, you can’t manufacture experience overnight. You can’t accumulate a pedigree through partnering. There is no shortcut that can substitute for all the deliberate choices you must make over time as you build your core competencies and knowledge that allow you to excel at creating elegant solutions to complex problems.

Thus, the dream that someone in your neighbourhood will be able to piece together a BlackBerry-like solution continues to elude government customers when the need for secure communication is greater than ever.

It doesn’t matter how athletic you are, how much money you have, or who you know. You’re never going to give Rory McIlroy a run for his money after only a couple of lessons.

Stay Tuned

This is the first in a series of blogs exploring real-world mobile security issues encountered in the field. Upcoming entries will dive more deeply into shortcomings associated with attempts to build secure enterprise mobility solutions atop consumer-grade platforms.

]]>http://bizblog.blackberry.com/2014/08/government-grade-security/feed/0Government_ SecurityspatkovicUK’s David Cameron Latest World Leader to Affirm that He Runs on BlackBerryhttp://bizblog.blackberry.com/2014/08/world-leaders/
http://bizblog.blackberry.com/2014/08/world-leaders/#respondWed, 20 Aug 2014 16:55:58 +0000http://bizblog.blackberry.com/?p=14104/ Read More]]>It’s well-known that the heads of the most powerful countries in the world choose BlackBerry smartphones, for the strong security, productivity and connectivity that they provide.

They include U.S. President Barack Obama, Canadian Prime Minister Stephen Harper, German Chancellor Angela Merkel – who along with many other senior German officials use BlackBerry devices enhanced with super-strong anti-surveillance technology from our recently-acquired firm, Secusmart – Denmark’s Prime Minister Helle Thorning-Schmidt, who used her BlackBerry Z10 to take a famous selfie with Obama and another user, British Prime Minister, David Cameron, late last year.

Caption: German Chancellor Angela Merkel and UK Prime Minister David Cameron both rely on BlackBerry devices to run their respective governments.

It was Cameron who was publicly declaring his reliance on BlackBerry this week. A long-time BlackBerry user, Cameron declared that even while on his annual vacation to Wales, he would have no trouble running British governmental affairs from his BlackBerry device.

“Wherever I am in the world, I am always within a few feet of a BlackBerry and an ability to manage things should they need to be managed,” Cameron told the media. “And indeed as I have done on I think almost every holiday that I have enjoyed over the past few years, I am able to return instantly should that be necessary.”

The UK government under Cameron has already banned iPads from high-level Cabinet meetings for fear that the devices could be bugged by foreign intelligence agencies, reported The Telegraph earlier this month.

Meanwhile, Australian foreign minister Julie Bishop (above) had her iPhone confiscated by Australian intelligence officials after they discovered that it had been hacked during tense negotiations related to the Malaysian Airlines flight MH17 shot down in the Ukraine last month that killed several hundred passengers.

According to Stacy Crook, mobility analyst at IDC: “The STIG certification serves as an indication that BlackBerry Secure Work Space for iOS and Android is well positioned to meet the strict security requirements that many enterprise and government agencies require.”

As a chosen mobile solutions provider for all of the G7 governments, BlackBerry already held more than 70 government certifications. The BlackBerry 10 platform remains the only mobility solution to receive the coveted Full Operational Capability (FOC) certification to run on Department of Defense networks.

Obtaining STIG approval for Secure Work Space on iOS and Android shows how BlackBerry can secure other leading platforms. It’s more proof that BlackBerry is the only true cross-platform Enterprise Mobility Management (EMM) vendor around today. No wonder so many governments and their leaders continue to put their confidence in the high security that BlackBerry can deliver.

]]>http://bizblog.blackberry.com/2014/08/world-leaders/feed/0DCericylaiGerman Chancellor Angela Merkel Meets WIth David Cameron At ChequersState Funeral Held For Actor Bud Tingwelldv1282020Q&A: Jeffrey Ait Shares His Thoughts on Government Mobilityhttp://bizblog.blackberry.com/2014/08/qa-jeffery-ait/
http://bizblog.blackberry.com/2014/08/qa-jeffery-ait/#respondTue, 19 Aug 2014 15:10:34 +0000http://bizblog.blackberry.com/?p=14096/ Read More]]>Please join the Inside BlackBerry for Business Blog in welcoming Jeff Ait, BlackBerry’s new Vice President and Head of the U.S. Public Sector, who is based in Washington, D.C.

Jeff, who was recently featured in The Washington Business Journal’s “People on the Move,” joins BlackBerry from Good Technology, where he served as Director of the Public Sector. A 30-year veteran in the technology industry, Jeff brings extensive experience in the government sector and BlackBerry is fortunate to have him join the team. Jeff recently sat down with us to share his clear vision for BlackBerry’s role in the public sector and offer his perspective on trends and challenges in government mobility.

BizBlog: You came to BlackBerry from Good Technology. Why did you decide to make the move?

Jeff: I joined BlackBerry because I know what the government is looking for when it comes to mobility, and BlackBerry is best-in-class when it comes to mobile technology. I saw that the U.S. federal government is an extremely important customer for BlackBerry and I felt that with my experience in mobile and the company’s experience with knowing where government is headed, it would be a good fit. Second, I was starting to see government put more and more focus on trying to shift to a more native, user-friendly device experience but still needing security that meets regulatory requirements. BlackBerry is the only company that provides a complete offering with end-to-end security and low total cost of ownership, supported by a strong footprint within the federal government.

BizBlog: You’ve been working in the technology industry for 30 years. How has it changed over that time?

Jeff: The biggest change that I’ve seen is how the industry has moved from a network focus to a device focus to, now, a more data and information focus. I think that security has moved in the same direction. In the beginning, everyone was worried about securing the network and VPN. Working from home and working remotely were very difficult to do. But in the 90s, there was a shift to a device-based focus on security of desktops, and where we’re headed now is focused on protecting the data that’s on mobile devices. The speed of technology has changed dramatically, especially in the mobile space, and I see that affecting how government customers secure their mobile devices and mobile applications. With the speed of innovation, the device lifecycle has shortened dramatically – which is especially true when you talk about multi-operating mobile environments where customers want to provide their users with choice. The rate we’re moving today brings more opportunity but also makes mobility more complex for customers.

BizBlog: Tell us more about your experience working with government customers.

Jeff: I’ve worked with a lot of different government customers and technologies over the years. The biggest challenge is providing security to meet regulatory requirements and matching it to the customer’s mission, particularly sensitive projects. Trying to figure out how to write a single set of policies that meets all requirements is very difficult and it can yield an unsatisfactory user experience. I’m starting to see the government really try to focus on what goals they want to enable with mobile, and then matching the level of security depending on the mission and use case. The government is getting smarter, and using a platform like BlackBerry Enterprise Service 10 (BES10) that provides the ability to have multiple use cases with a single management function is important.

BizBlog: What are your focus areas as Head of U.S. Public Sector?

Jeff: My main focus area is the federal government, as we have a strong and proud history of serving these customers. One unique opportunity for BlackBerry is the Department of Defense (DoD), now that the BlackBerry 10 platform is the only mobility solution that has earned Full Operational Capability to run on their networks. We also will have a revitalized focus on civilian agencies as well as state and local government. We want to build our brand, create awareness and tell the BlackBerry story. Many customers don’t know what our new story is and we want make sure they know about today’s BlackBerry and everything that BlackBerry 10 offers, from devices to apps and messaging to Enterprise Mobility Management (EMM).

BizBlog: What security threats should governments be aware of?

Jeff: Mobile devices are the new edge. In many cases, customers are trying to apply the same security methods and standards that they use for desktops and it does not work the same in mobile. The amount of malware attacks on mobile devices is growing at an alarming rate. There are all types of dangerous threats out there – including new malware variants with evasive capabilities, source code leaks and ransomware – that are going to challenge all mobile users including governments to protect their information on mobile devices.

BizBlog: How is BlackBerry going to stay ahead of the curve when it comes to secure mobility for public sector customers?

Jeff: Security is in our DNA. It’s not an afterthought or add-on. From having the hardware, a secure operating system and a suite of applications that have security embedded into them, BlackBerry is the only Mobile Device Management (MDM) solution out there that provides the necessary level of security to meet the high standards of the DoD. We build everything at the DoD-grade level, and finance, healthcare and other regulated industries benefit from this degree of security from the get-go.

BizBlog: How is BlackBerry adapting to new trends in government mobility, such as consumerization of IT?

Jeff: Federal government users are struggling to adopt BYOD because of legacy issues and legal and policy-based issues. The consumerization of IT is driving cloud-based services with strong policies around data protection and security. If there are BYOD cases that allow iOS and Android, then our Security Technical Implementation Guide (STIG)-approved Secure Work Space enables us to meet those BYOD capabilities and offer agencies a multi-vendor management environment that enables non-BlackBerry smartphones and tablets to be protected as well as BlackBerry devices.

In addition, we are launching services such as the eBBM Suite. The first product in this portfolio is BBM Enterprise (formerly known as BBM Protected) for secure enterprise-class messaging. And once our agreement to acquire Secusmart is complete, it will further enhance our anti-eavesdropping capabilities on voice and data communications.

BizBlog: Switching gears to something more light – what is your favorite thing about living in D.C. area?

Jeff: I was born and raised in the Northern Virginia area and I have lots of friends and family here. This is my third time returning to the area. My favorite things are the four seasons and the close proximity to the oceans and mountains. Additionally, if you’re interested in cultural events and activities, D.C. offers many museums, concerts, shows, phenomenal places to eat, and great places to ride bikes or go hiking.

BizBlog: What device do you use and what are your go-to apps and tools?

Jeff: I use the BlackBerry Z30. My go-to tool is the Hub. It allows me to configure my work email, personal email, text messages, BBM, Facebook and LinkedIn into a single, unified view that keeps my personal and work lives separate from a security perspective, giving me a common interface to see all of my messaging in one place. My go-to tools are my integrated calendar, contacts and my BBM. I’m living on the phone all day long and I still have not run out of battery life a single day.

For more than a decade, BlackBerry has been committed to providing its government customers with top-notch security. Our goal is to secure everything within mobile communications and we have the capabilities and assets to do so. That’s why we have remained a trusted and valued partner to governments across the globe, including each of the G7 governments and 16 of the G20.

By February, 2015, we will have over 70 security certifications and government approvals. We are ecstatic to build on our credentials with today’s announcement that Secure Work Space for iOS and Android has received Security Technical Implementation Guide (STIG) approval from the Defense Information Systems Agency (DISA).

With the Secure Work Space approval, BlackBerry’s entire mobile portfolio, which includes BlackBerry 10 devices and our BlackBerry Enterprise Service 10 mobility management solution, is STIG approved. Achieving these highly coveted certifications is important to BlackBerry because it underscores our philosophy on security and how it should be ingrained in everything we do. We elaborated on the importance of this philosophy during our recent BlackBerry Security Summit in New York City, an event that drilled into how the industry is dealing with mobile security in a mobile-first world.

The Significance of STIG

STIGs are configuration guides that users and administrators use to securely operate products within the Department of Defense’s networks. The guidelines are developed by product vendors in conjunction with DISA to satisfy a set of security stringent requirements, and verified by DISA through conformance testing.

The STIG certification approval for Secure Work Space demonstrates how we provide government customers with an expanded portfolio of mobility options protected by BlackBerry’s unmatched security. With this approval, executives and decision makers in both the public and private sectors can rest assured that sensitive data on iOS and Android smartphones and tablets remains protected and secure, even when transmitted through vulnerable channels. While BlackBerry’s end-to-end experience will always be the paradigm for users with the strictest security requirements. However, Secure Work Space is a viable alternative for government customers that want to provide an expanded selection of devices.

Secure Works Space Recognized and Praised

Secure Work Space has been building quite a reputation recently. In May, Security Products magazine – a media outlet for security professionals – recognized Secure Work Space for its proven ability to provide government entities with secure communications with a Platinum Govies Government Security Award in the category of Access Control. Each year, the Govies spotlight companies for providing outstanding security products and solutions to the public sector in categories critical to security executives and decision makers.

The multiple accolades for Secure Work Space demonstrate how BlackBerry expertly secures multi-platform environments in addition to the most secure end-to-end mobile communications. The STIG is further evidence of BlackBerry’s commitment to secure mobility for enterprises and government agencies, whether they deploy BlackBerry, iOS or Android devices.

High-profile data breaches have made major headlines and escalated public concern about securing sensitive data. Not only are hackers more sophisticated, but they also have more access points than in the past – devices of all types, including computers, tablets and smartphones, are at risk. As a result, it’s more critical than ever to vigilantly protect our nation’s most valuable digital assets, particularly government information that impacts national security.
This week at FOSE – the largest conference for government technology professionals – the issues of cybersecurity and data protection are top of mind. Attendees will hear about a range of emerging technologies developed to prepare agencies for the most complex security challenges that they’ve ever faced.

We always look forward to attending FOSE to listen to the government’s evolving needs and discussing how BlackBerry can rise to meet these challenges. During this year’s event, we’ll be at booth 1109 speaking to technology decision-makers in the U.S. government that are at a critical juncture as they face the difficult task of securing infrastructure while juggling increased demands from employees seeking access to work-related data at any time or location.

(As of February 2015, BlackBerry holds 70+ security certifications and approvals from governments.)

Our goal is to remain the “one stop shop” for trusted end-to-end mobile security. We know how to keep organizations’ data secure – we’ve been doing it longer and better than anyone else – and we have also been a valued partner to government agencies for more than a decade. Because of this experience, we know that cooperation between government entities and the private sector is key to finding the best solutions to maintaining the integrity of technology infrastructures and highly sensitive information.

In just the past few months, BlackBerry reached two milestones by achieving additional government certifications for our mobility platform:

Immediately following the FIPS certification, BlackBerry 10 became the first and only mobility solution to earn the coveted Full Operational Capability (FOC) designation that enables technology to be used on U.S. Department of Defense Networks.

With these security validations, BlackBerry remains the trusted partner of governments across the globe.

If you’re attending the show in person, stop by to see us – and check out our Govies Awards, the Gold-winning BlackBerry Enterprise Service 10 (BES10) and Platinum honoree Secure Work Space for iOS and Android – at booth 1109.

This week, Security Products magazine – a media outlet for security professionals – recognized BlackBerry’s strength and expertise in providing secure mobile solutions for the public sector with two Govies Government Security Awards. BlackBerry was honored in the categories of Data Security and Access Control for BlackBerry Enterprise Service 10 (BES10) and Secure Work Space for iOS and Android respectively.

The Govies honor companies for providing outstanding security products and solutions to federal, state and local governments in categories critical to security executives and decision makers. BlackBerry has been in the business of protecting governments’ mobile communications for more than a decade, and these awards showcase our ability to meet the demands of organizations with the highest security demands. We take great pride in the fact that the public sector trusts us for secure mobile technology – including all seven of the G7 governments and 10 out of 10 of the largest global enterprises in each of the pharmaceutical, law firm and automotive industries.

The Govies recognition complements other recent security accomplishments in the government space. In March, Secure Work Space for iOS and Android became Federal Information Processing Standard (FIPS) 140-2 certified. This means security-conscious organizations, including U.S. and Canadian government agencies, can confidently separate sensitive corporate data from personal content. Immediately following the FIPS certification, BlackBerry 10 became the first and only mobility solution to earn the Defense Information Systems Agency’s (DISA) coveted Full Operational Capability (FOC) designation to run on U.S. Department of Defense Networks.

(As of February 2015, BlackBerry holds 70+ security certifications and approvals from governments.)

For more than 20 years, security has been a core strength for BlackBerry. The Govies awards are another great testament that whether customers need to manage an open, BYOD environment – supported with Secure Work Space for iOS and Android – or a strict deployment of corporate liable devices such as those found in government, they can trust BlackBerry to meet their needs.

We’re very excited to be sponsors of the Public Sector Enterprise ICT Conference (PSEICT) on Tuesday 5 November in London. In case you’re unfamiliar with the event, PSEIC is the UK’s only event to directly address the deployment of the New Government ICT Strategy at an Enterprise-Level.

With over one million government customers across the world, BlackBerry has long been the mobile solution of choice for public sector organisations. In the UK alone, BlackBerry is used by every major Government department, over half of all UK police forces and major bodies including the Ministry of Defence.

During the conference we will be joined by a panel of Public Sector professionals to discuss the following topics:

BYOD, is it relevant within the Public Sector?

How mobilising applications will transform the way front line workers deliver services.

Plus, we’ll look at how ‘joined up government’ will really change our lives.

If you are attending PSEICT, now you have a chance to win the latest all-touch BlackBerry Z30 or the Q10 with its amazing physical keyboard, all you need to do is tweet a picture of yourself in front or at the BlackBerry stand at PSEICT between 9am and 3pm to @BBEMEABusiness. Full Terms and conditions are stated below:

BlackBerry® PSEICT CONTEST

OFFICIAL CONTEST RULES

NO PURCHASE OR PAYMENT OF ANY KIND IS NECESSARY TO ENTER OR WIN. A PURCHASE WILL NOT INCREASE YOUR CHANCES OF WINNING. THESE OFFICIAL CONTEST RULES APPLY TO THE BlackBerry® PSEICT CONTEST (“CONTEST”). CONTEST WILL BE SPONSORED AND ADMINISTERED BY BLACKBERRY UK LIMITED (“SPONSOR”). BY ENTERING, YOU ARE DEEMED TO HAVE READ, ACCEPTED AND AGREED TO BE BOUND BY THESE OFFICIAL CONTEST RULES. THIS CONTEST IS IN NO WAY SPONSORED, ENDORSED OR ADMINISTERED BY, OR ASSOCIATED WITH TWITTER INC. (“TWITTER”).

1. CONTEST PERIOD AND LOCATION: The Contest begins at 9:00am Greenwich Mean Time (“GMT”) and ends at 15:00pm GMT on Tuesday November 5, 2013 (“Contest Period”) at the PSEICT 2013 event taking place on Tuesday November 5, 2013 at: Hotel Russell, 1-8 Russell Square, London WC1B 5BE (the “PSEICT 2013 Event”).

If you are a Winner you must collect your prize from the BlackBerry® stand by 17:30pm GMT on Tuesday November 5, 2013, otherwise you will be disqualified and your prize will be forfeited.

2. ELIGIBILITY: To be eligible, you must: (a) attend the PSEICT 2013 Event; (b) be a legal resident of the United Kingdom; and c) have reached the age of eighteen (18).

Employees, contractors, directors and officers of Sponsor, Twitter and each of their respective parents, affiliates, subsidiaries, distributors, sales representatives, retailers and advertising, promotion and judging agencies and all other service agencies and providers involved with the Contest, and members of the immediate family (spouse, parent, child, sibling and their respective spouses, regardless of where they reside) and households of each, whether or not related are not eligible to participate or win. Void where prohibited by law.

By entering this Contest, entrants agree to abide by these Official Contest Rules and the decisions of Sponsor and any applicable Contest Judges, which shall be final and binding on all matters relating to this Contest.

3. HOW TO ENTER: To enter, follow @BBEMEABusiness on Twitter (https://twitter.com/BBEMEABusiness). Tweet a photo of yourself in front of or at the BlackBerry® stand at PSEICT 2013 Event between 9:00am GMT and 15:00pm GMT on Tuesday November 5, 2013 (“Entry”). All those eligible Entries will be entered into a random draw to award the Prize(s). All Entries must be tweeted by the entrant him/herself within the time outlined to be eligible. There is a limit of one (1) Entry per person and per Twitter account throughout the Contest Period. Any Entries received by any person or Twitter account in excess of the stated limitation will be void. The use of automated devices or any other mechanism that will circumvent the proper conduct of this Contest, whether intentional or otherwise, is prohibited.

Any entrant who intentionally and/or fraudulently provides incorrect personal data may be eliminated at Sponsor’s discretion. In the event of a dispute regarding who submitted an Entry, the Entry will be deemed submitted by the authorized account holder of the Twitter account at the time of entry. Sponsor reserves the right to terminate or re-run the Contest and withhold the Prize(s) if, in Sponsor’s reasonable opinion, there are insufficient Entries.

4. WINNER SELECTION AND NOTIFICATION: At or around 15:00pm GMT on Tuesday November 5, 2013, a random draw will be conducted to select two (2) Entries from among all eligible Entries received. The first Entry drawn will be eligible to win the grand prize (the “Grand Prize”), and the second Entry drawn will be eligible to win the runner-up prize (the “Runner-Up Prize”). The odds of winning depend on the number of eligible Entries received. The eligible Entrants will be informed via Twitter direct message at or around 15:30pm GMT on Tuesday November 5, 2013. If an Entrant is found to not be in compliance with these Official Contest Rules, if prize notification is not responded to by 17:30pm or any Prize is returned as undeliverable or the Entrant is unable to accept the Prize for any reason, the Entrant will be disqualified, his/her Prize will be forfeited and may be awarded to an alternate Entrant at the sole discretion of Sponsor. If the Prize is not successfully claimed by Winner at the PSEICT 2013 Event by 17:30pm GMT on Tuesday November 5, 2013, it will be forfeited and may be awarded to an alternate Entrant at the sole discretion of Sponsor. Before being declared a Winner, an Entrant must provide evidence to Sponsor that Entry photo was taken on a device belonging to Entrant, and may be required to complete, sign and return an Affidavit of Eligibility/Liability Release and, where lawful, Publicity Release, prior to receiving the Prize. Sponsor is not responsible for any change of email address, Twitter handle, mailing address and/or telephone number of Entrants.

Verification of Potential Winners: All potential WINNERS are subject to verification by Sponsor, whose decisions are final AND BINDING IN ALL MATTERS RELATED TO THis CONTEST. An entrant is not a winner of any prize unless and until entrant’s eligibility HAS been verified and entrant has been notified that verification is complete.

5. PRIZES:

Grand Prize: There is one (1) Grand Prize available to be won. The Grand Prize consists of one (1) BlackBerry® Z30 smartphone. Approximate retail value: £500.00.

Runner-Up Prize: There is one (1) Runner-Up Prize available to be won. The Runner-Up Prize consists of one (1) BlackBerry® Q10 smartphone. Approximate retail value: £500.00.

Individually the “Grand Prize” or “Runner-Up Prize”, collectively (the “Prize(s)”).

Smartphone activation, airtime, service, accessories and any other costs not specifically identified as included in the Prize are the responsibility of winner (“Winner”). Sponsor is not responsible for any third-party products or services you may use with the Prize.

Potential Winners who have been notified that they eligible to win a Prize must visit the BlackBerry® stand at PSEICT 2013 Event before 17:30pm on Tuesday November 5, 2013 to enable Sponsor to complete verification of their Entry. Once verified, an Entrant will be deemed a Winner and will receive their Prize. Prizes are not transferrable and must be accepted as awarded with no substitutions in cash or otherwise, except at Sponsor’s sole discretion. Sponsor reserves the right to substitute a prize of equal or greater monetary value if a Prize cannot be awarded as described for any reason. Winners will be solely responsible for any and all applicable taxes and any other costs, expenses and fees associated with accepting and receiving the Prize. In the event any tax withholding is required by law for any Prize, Winners authorize Sponsor to make the corresponding deduction.

GENERAL TERMS

6. LICENSE TO USE: By entering, each entrant grants to Sponsor an irrevocable, perpetual, royalty-free, transferable license of unlimited right, title and interest in and to his/her Entry, including, but not limited to, all copyright and trademark rights therein and thereto and all renewals and extensions thereof, throughout the universe, in perpetuity, for all purposes, in any and all media, whether now known or hereafter devised.

7. INTERNET: Sponsor is not responsible for lost, late, incomplete, damaged, inaccurate, stolen, delayed, misdirected, undelivered, or garbled Entries, emails or tweets or for any incorrect or inaccurate Entry information whether caused by Internet users or by any of the equipment or programming associated with or utilized in the Contest or by any technical or human error or fraud, which may occur in the processing of the Entries. Sponsor is not responsible for computer system, phone line, hardware, software, cable, satellite, Internet Service Provider (ISP) or program malfunctions, or other errors, failures or delays in computer transmissions or network connections. Sponsor is not responsible for any errors whether human, mechanical, electronic, computer, network, typographical, printing or otherwise relating to, or in connection with, the Contest including, without limitation, errors or difficulties which may occur in connection with the administration of the Contest, the processing of Entries, views, postings and/or shares (as applicable), the announcement of the Prizes, or in any Contest-related materials. Sponsor reserves the right at its sole discretion, to disqualify any individual and void his or her Entry(ies) who tampers with the entry process.

8. RIGHT TO CANCEL, TERMINATE, MODIFY OR SUSPEND: If for any reason any aspect of this Contest is not capable of running as planned, including by reason of computer virus, communications network failure, bugs, tampering, unauthorised intervention, fraud, technical failure or any other cause beyond the control of Sponsor, subject to applicable laws, Sponsor may in its sole discretion cancel, terminate, modify or suspend the Contest, or invalidate any affected Entries. In the event the Contest is cancelled or terminated, Sponsor reserves the right to conduct a random draw from among all eligible Entries received up the time of such action. In the event of such an occurrence Sponsor may post a notice on @BBEMEABusiness

9. PRIVACY: Please see Sponsor’s Privacy Policy located at http://uk.blackberry.com/legal/privacy_policy.jsp for details regarding the use of personal information collected in connection with this Contest. By participating, Entrants agree to the collection and use of their personal information for the purposes of administrating this Contest and awarding the Prize(s) and as stated in Sponsors Privacy Policy. Except where prohibited by law, each winner grants (and agrees to confirm this grant in writing, if requested) permission for Sponsor and those acting under its authority to use his/her name, photograph, biographical information, Entry, voice and/or likeness for advertising and/or publicity purposes in any and all media now known or hereinafter invented or developed without territorial and without additional compensation, notification or permission, in perpetuity.

10. RELEASE: By entering, and to the extent permitted by applicable laws, entrants agree: (a) to release Sponsor, Twitter, and any third party retained by or on behalf of Sponsor for the purposes of executing and administering the Contest and each of their respective parents, affiliates, subsidiaries, retailers, distributors, sales representatives, distributors, advertising, promotion and judging agencies and all other service agencies and providers involved with this Contest and each of their officers, directors, employees and agents (collectively, “Released Parties”) from any and all liability, loss or damage incurred with respect to their participation in the Contest and the awarding, receipt, possession, and/or use or misuse of any Prize; and, (b) that under no circumstances will they be permitted to obtain awards for, and they hereby waive all rights to claim, any punitive, incidental, consequential or other damages including, but not limited to attorneys’ fees or other court costs, other than for actual out-of-pocket expenses.

Any waiver of any obligation hereunder by Sponsor does not constitute a general waiver of any obligation to Entrants. By submitting an Entry, you agree that your Entry is gratuitous and made without restriction and will not place Sponsor under any obligation, and Sponsor is free to disclose the ideas contained in the Entry, on a non-confidential basis, to anyone or otherwise use the ideas without any additional compensation to you. You acknowledge that, by acceptance of your Entry, Sponsor does not waive any rights to use similar or related ideas previously known to Sponsor, or developed by its employees or contractors or obtained from other entrants or sources other than you. Released Parties do not guarantee the posting of any Entry and may remove any Entry at any time.

11. GOVERNING LAW: This Contest is governed by, subject to and is to be interpreted, construed and enforced in accordance with the laws of England and Wales without regard to conflict of law principles. Any dispute under these Official Contest Rules shall be subject to the non-exclusive jurisdiction of the courts of England and Wales. You irrevocably waive any objection on the grounds of venue, forum non-conveniens or any similar grounds and irrevocably consent to service of process by mail or in any other manner permitted by applicable law and consent to the jurisdiction of the courts of England and Wales. You further hereby waive any right to a trial by jury with respect to any lawsuit or judicial proceeding arising or relating to these Official Contest Rules.

Any provision in these Official Contest Rules which is held to be invalid or unenforceable for any reason by any court, governmental department, body or tribunal, or in any applicable jurisdiction shall be ineffective to the extent of such invalidity or unenforceability and will not invalidate or render unenforceable the remaining provisions hereof and should any provision be held invalid or unenforceable in an applicable jurisdiction such provision shall not be invalidated or rendered unenforceable in any other jurisdiction.

12. WINNER LIST: For a list of Winners, send a self-addressed stamped envelope to: Ali Rehman, BlackBerry UK Limited, BlackBerry PSEICT Contest, 200 Bath Road, Slough, Berkshire, SL1 3XE, United Kingdom. All requests for Winner Lists must be received on or before Saturday November 30, 2013.

We hope to see you on the 5th November, but let us know what you’re most excited about in the comments or @BBEMEABusiness

]]>http://bizblog.blackberry.com/2013/10/pseict/feed/0biz-pseict-banneralrehman81pseict logoUK Government Releases Mobile Platform Guidancehttp://bizblog.blackberry.com/2013/10/uk-government-releases-mobile-platform-guidance/
http://bizblog.blackberry.com/2013/10/uk-government-releases-mobile-platform-guidance/#respondTue, 15 Oct 2013 16:17:15 +0000http://bizblog.blackberry.com/?p=11619/ Read More]]>For the better part of a decade, BlackBerry technology has played a critical role in revolutionizing the working practices of government and public sector customers across the world. The penetration of the BlackBerry solution across this sector is without compare: in the UK, we count Cabinet departments, the central government, the Ministry of Defence (MoD) and over half of all UK police forces amongst our valued public sector customers.

Our tried and trusted security has been integral to our ongoing strength in this space. Third-party independent accreditations and certifications back this up:

BlackBerry 10 was FIPS 140-2 approved in November 2012, two months ahead of the platform’s official launch

BES 10 and BlackBerry 10 smartphones are approved by NATO for classified communications up to the level of “Restricted”

The SecuSuite for BlackBerry 10 solution has been approved by the German Procurement Office and Federal Office for Information Security (BSI) for classified communications for the German government. 11 out of 14 German cabinet departments have chosen the SecuSuite for BlackBerry 10 solution

The BlackBerry Z10 and ‎BlackBerry Q10 smartphones with BES 10 were awarded Authority to Operate (ATO) on Department of Defense (DoD) networks. BlackBerry is the first Mobile Device Management provider to obtain an ATO

Of course, the world of mobility is changing and the government and public sector must change too. This week, for the first time ever, the UK government has made publicly available its End-User Devices Security and Configuration Guidance, the definitive document for the use of technology within a public sector environment. This guidance provides recommendations on how to configure and use a wide range of devices and importantly, also summarizes the potential risks involved with the use of these devices.

Greater choice has become a defining characteristic of the enterprise mobility space and these new guidelines are a response to this trend. However, they should not overshadow the ongoing importance of secure mobile communications in a public sector environment. From the outset, we’ve set the standard for enterprise-grade mobile security and in an ever-evolving market, our focus is to maintain and strengthen this position. With this new guidance, BlackBerry 10 in its EMM-Regulated configuration has by far the fewest and least severe risks of any other mobile platform.

What’s more, BES 10 can be used to securely manage BlackBerry, iOS, and Android smartphones and tablets in their recommended configuration, allowing enterprises to provide choice to their individual users, if the enterprise is willing to accept the risks of each individual platform. The likely proliferation of devices and platforms, which these new guidelines will usher in, only reinforces the need for a simple and secure enterprise mobility management platform that can manage a diverse mobile estate. BES 10 is such a solution. It can securely manage and control BlackBerry, iOS and Android smartphones and tablets from one single console. By extending to iOS and Android devices the security and manageability capabilities that have made our technology the mobile solution leader across the UK public sector, we’re confident that we can continue to best meet the changing mobility needs of this market segment.

(As of February 2015, BlackBerry holds 70+ security certifications and approvals from governments.)